An attack on the NuGet package registry shows how advanced open-source software supply chain attacks have become. It shows how attackers can take advantage of developers’ trust and gaps in registry rules to inject data-stealing malware directly into business build processes. Security researchers from Socket recently found a live homoglyph typosquat on NuGet […]
The post NuGet attack highlights open-source software supply chain risk appeared first on Developer Tech News.
